Mariadb rewrite, fixes mysqld running as root

mariadb/Dockerfile

@@ -1,13 +1,18 @@
 FROM fedora
 MAINTAINER http://fedoraproject.org/wiki/Cloud
 RUN dnf -y update && dnf clean all
-RUN dnf -y install mariadb-server pwgen psmisc net-tools hostname && \
+
+# Add our user and group first to make sure their IDs get assigned consistently
+RUN groupadd -r mysql -g 1000 && \
+    useradd -r mysql -u 1000 -g mysql && \
+    dnf -y install mariadb-server pwgen psmisc net-tools hostname && \
     dnf clean all
 
 ADD scripts /scripts
-RUN chmod 755 /scripts/*
+RUN chmod -v +x /scripts/*
+ADD mariadb-server.cnf /etc/my.cnf.d/mariadb-server.cnf
 
-VOLUME ["/var/lib/mysql", "/var/log/mysql"]
+VOLUME ["/var/lib/mysql"]
 EXPOSE 3306
 
-CMD ["/bin/bash", "/scripts/start.sh"]
+CMD ["/scripts/start.sh"]

mariadb/mariadb-server.cnf

@@ -0,0 +1,14 @@
+#
+# These groups are read by MariaDB server.
+# Use it for options that only the server (but not clients) should see
+#
+# See the examples of server my.cnf files in /usr/share/mysql/
+#
+
+[server]
+user=mysql
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+pid-file=/var/run/mariadb/mariadb.pid
+
+# Don't set log-error. Docker likes logs on stdout/stderr, like systemd does.

mariadb/scripts/config_mariadb.sh

@@ -2,48 +2,50 @@
 
 set -e
 
-__mysql_config() {
-  echo "Running the mysql_config function."
-  mysql_install_db
-  chown -R mysql:mysql /var/lib/mysql
-  /usr/bin/mysqld_safe &
-  sleep 10
-}
-
-__start_mysql() {
-  printf "Running the start_mysql function.\n"
-  ROOT_PASS="$(pwgen -s -1 12)"
-  USER="${USER-dbuser}"
-  PASS="${PASS-$(pwgen -s -1 12)}"
-  NAME="${NAME-db}"
-  printf "root password=%s\n" "$ROOT_PASS"
-  printf "NAME=%s\n" "$NAME"
-  printf "USER=%s\n" "$USER"
-  printf "PASS=%s\n" "$PASS"
-  mysqladmin -u root password "$ROOT_PASS"
-  mysql -uroot -p"$ROOT_PASS" <<-EOF
-	DELETE FROM mysql.user WHERE user = '$USER';
-	FLUSH PRIVILEGES;
-	CREATE USER '$USER'@'localhost' IDENTIFIED BY '$PASS';
-	GRANT ALL PRIVILEGES ON *.* TO '$USER'@'localhost' WITH GRANT OPTION;
-	CREATE USER '$USER'@'%' IDENTIFIED BY '$PASS';
-	GRANT ALL PRIVILEGES ON *.* TO '$USER'@'%' WITH GRANT OPTION;
-	CREATE DATABASE $NAME;
-EOF
+# Show settings first, so they aren't buried in the noise.
+USER="${USER-dbuser}"
+PASS="${PASS-$(pwgen -s -1 12)}"
+NAME="${NAME-db}"
+printf "\n"
+printf "root password=\n"
+printf "NAME=%s\n" "$NAME"
+printf "USER=%s\n" "$USER"
+printf "PASS=%s\n" "$PASS"
+printf "\n"
+
+echo "Initializing mariadb"
+mysql_install_db --user=mysql
+
+echo "Starting mysqld for initial configuration"
+/usr/libexec/mysqld &
+PID=$!
+
+for i in {30..0}; do
+  if (! kill -0 $PID) ||
+     (echo 'SELECT 1' | mysql -u root >/dev/null 2>&1)
+  then
+    break
+  fi
+  sleep 1
+done
 
-  killall mysqld
-  sleep 10
-}
-
-# Call all functions
-DB_FILES=$(echo /var/lib/mysql/*)
-DB_FILES="${DB_FILES#/var/lib/mysql/\*}"
-DB_FILES="${DB_FILES#/var/lib/mysql/lost+found}"
-if [ -z "$DB_FILES" ]; then
-  printf "Initializing empty /var/lib/mysql...\n"
-  __mysql_config
-  __start_mysql
+if ! kill -0 $PID; then
+  echo
+  echo "mysqld failed to start"
+  exit 1
 fi
 
-# Don't run this again.
-rm -f /scripts/config_mariadb.sh
+if ! (echo 'SELECT 1' | mysql -u root >/dev/null 2>&1); then
+  echo
+  echo "Timeout waiting for mysqld to become ready"
+  exit 1
+fi
+
+mysql -uroot <<-EOF
+CREATE DATABASE $NAME;
+CREATE USER '$USER'@'%' IDENTIFIED BY '$PASS';
+GRANT ALL PRIVILEGES ON $NAME.* TO '$USER'@'%' WITH GRANT OPTION;
+EOF
+
+kill $PID
+wait $PID

mariadb/scripts/start.sh

@@ -1,9 +1,10 @@
 #!/bin/bash
 
-if [ -x /scripts/config_mariadb.sh ]; then
-  # Initial configuration
+if [ ! -d /var/lib/mysql/mysql ]; then
+  echo "Initializing empty /var/lib/mysql..."
   /scripts/config_mariadb.sh || exit 1
+  echo "/var/lib/mysql initialized. Ready to start"
 fi
 
 rm -f /run/mysqld/mysqld.sock
-exec /usr/bin/mysqld_safe
+exec /usr/libexec/mysqld